|
| 1 | +use std::io::Write; |
| 2 | + |
| 3 | +use cb_common::{ |
| 4 | + commit::client::SignerClient, |
| 5 | + config::ClientAuthConfig, |
| 6 | + types::{Jwt, ModuleId}, |
| 7 | +}; |
| 8 | +use cb_tests::utils::setup_test_env; |
| 9 | +use eyre::Result; |
| 10 | +use rcgen::{CertificateParams, KeyPair}; |
| 11 | + |
| 12 | +const JWT_MODULE: &str = "test-module"; |
| 13 | +const JWT_SECRET: &str = "test-jwt-secret"; |
| 14 | + |
| 15 | +/// Test that the SignerClient can be created with client authentication |
| 16 | +#[tokio::test] |
| 17 | +async fn test_web3_signer_client_auth() -> Result<()> { |
| 18 | + setup_test_env(); |
| 19 | + |
| 20 | + // Create a keypair first (default: ECDSA P-256) |
| 21 | + let key_pair = KeyPair::generate().unwrap(); |
| 22 | + |
| 23 | + // Create the certificate |
| 24 | + let params = CertificateParams::new(vec!["web3signer-client-test".to_string()])?; |
| 25 | + let cert = params.self_signed(&key_pair)?; |
| 26 | + |
| 27 | + // PEM-encode the key and certificate to temp files |
| 28 | + let mut cert_file = tempfile::NamedTempFile::new()?; |
| 29 | + let mut key_file = tempfile::NamedTempFile::new()?; |
| 30 | + write!(cert_file, "{}", cert.pem())?; |
| 31 | + write!(key_file, "{}", key_pair.serialize_pem())?; |
| 32 | + |
| 33 | + // Create the signer config with client auth - this will create a new client |
| 34 | + // that has client auth enabled, so if it fails anywhere then it'll fail |
| 35 | + // here |
| 36 | + let _client = SignerClient::new( |
| 37 | + "http://localhost:0".parse()?, |
| 38 | + Jwt(JWT_SECRET.to_string()), |
| 39 | + ModuleId(JWT_MODULE.to_string()), |
| 40 | + Some(ClientAuthConfig { |
| 41 | + cert_path: cert_file.path().to_path_buf(), |
| 42 | + key_path: key_file.path().to_path_buf(), |
| 43 | + }), |
| 44 | + )?; |
| 45 | + |
| 46 | + Ok(()) |
| 47 | +} |
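Review bot: The `SignerClient::new` call at the end of `test_web3_signer_client_auth` targets `http://localhost:0`, and the test only checks that construction returns `Ok`. That shows the PEM files were read and accepted, not that the client certificate would ever be presented on a TLS connection. The constructor is not visible here, so I would narrow the comment above the call to something like `// Only checks that the cert/key pair loads; no TLS handshake is performed`, and change the URL to `"https://localhost:0".parse()?` so the configuration matches a mutually authenticated endpoint. A companion case that passes a key file not matching the certificate (or an unreadable path) and expects `Err` would pin the failure behaviour, assuming the constructor validates the identity eagerly. Minor: `KeyPair::generate().unwrap()` can be `KeyPair::generate()?`, since the following rcgen calls already propagate with `?`.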